A computer worm is a type of malware program which infects other systems by making multiple copies of itself and spreading itself onto other computers within the network. Worms exploit certain parts of the operating system that are not visible to the user. The infection is only noticed when the system consumes most of the resources due to the worm’s uncontrolled replication. This in turn slows and stops the performance of other services in the computer’s operating system.
How Computer Worms Spread
Malware engineers develop computer worms to spread infection without any human intervention. It is all set to start the attack, when it becomes active on the infected system. Primitively, the worms spread i through storage media, floppy discs, which when inserted onto the disc space would then activate and then start infecting other storage devices connected to the target system. This is why USBs are often the delivery mechanisms for computer worms.
Computer worms propagate through the existing vulnerabilities in the network. For instance, the WannaCry ransomware worm infected systems with Windows installs that had a vulnerability in the first version of the Server Message Block resource sharing protocol.
A worm establishes itself in a host system and stays active on a newly infected computer, the malware then starts a network search for possible new storage devices to infect Through this way the worm is able to multiply and spread its infection to all interconnected devices in a network. When the Wannacry ransomware infects bring your own device or BYOD, the worm can spread itself onto other systems that might be connected to the infected network. Worms that are associated through emails can spread its infection by generating and sending emails to all the other addresses of the user’s address book.
Types of computer worms
Computer worms multiply themselves in a bid to spread infection to all other networks that share a connection to their host systems. Due to the propagation of the computer worms the infected system suffers latency or disruption in services. The worm propagation saturates the network links with malicious traffic and therefore disrupts networking.
Most often, a computer worm is either a worm hybrid or a virus – it not just spreads the infection but also modifies the software code. Else it performs to encrypt the users’ files and demands a ransom to gain back access to the files.
In some cases, hackers create bot worms to infect the victim computers and then to convert them into botnets or zombies. These zombies are then used in botnets-based attacks by integrating infected systems under one network.
IM (instant messaging) worms multiply and spread through instant messaging systems and gain access to the address book on the victim’s system.
Email worms come in the form of links or attachments of emails that appear to be genuine. Malware engineers craft email worms to send themselves as attachments in to the email addresses in the contact lists of an infected account. When the recipients open the infected attachment or the file, the worm infects the recipients’ system. Email worms deploy the use of effective social engineering methods to prompt the users to open the attached infected file.
An ethical worm is a crafted by hackers to multiply and spread across the network to deliver patches for known security vulnerabilities. When there is a change in the program code due to the patch fix, it can cause unexpected changes and the system which sometimes opens the publisher to numerous criminal and civil charges.
Prevention, Detection and Removal of Computer Worms
- Users should follow effective cyber security practice to fight against infected with computer worms.
- Keep software up-to-date with the latest security patch fixes
- Implement the use of firewalls to mitigate system access by malicious software.
- Use antivirus software to prevent malicious software from running in the system.
- Avoid clicking on suspicious links and attachments which can expose your systems to malware.
Symptoms of System infected with computer worm
- Slow performance of the computer
- Unexpected freezing and crashing of system
- Annoying pop-ups
- Blue screen of death
Removing a computer worm can be challenging. In worst cases, network administrators will have to reformat the system and reinstall software. Users need to use an effective malware removal tool to identify and remove the worm. When removing the worm, users and administrators should disconnect the system from the Internet to make sure the malicious program does not escape to another device or system.